From f14df82a3f36f833ad1174d293c9c2e33f2a2bea Mon Sep 17 00:00:00 2001
From: Paul Eggert
Date: Mon, 18 Oct 2021 14:50:16 -0700
Subject: [PATCH] regex: fix buffer read overrrun

* config/srclist.txt: Remove posix/regexec.c for now.
* lib/regexec.c (re_search_internal): Fix buffer read overrun reported by Benno Schulenberg in: https://lists.gnu.org/r/bug-gnulib/2021-10/msg00035.html
---
 ChangeLog | 7 +++++++
 config/srclist.txt | 2 +-
 lib/regexec.c | 2 +-
 3 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 87fd99f6a..a017453dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2021-10-18 Paul Eggert
+
+ regex: fix buffer read overrrun
+ * lib/regexec.c (re_search_internal):
+ Fix buffer read overrun reported by Benno Schulenberg in:
+ https://lists.gnu.org/r/bug-gnulib/2021-10/msg00035.html
+
 2021-10-15 Paul Eggert

 nproc: port better to macOS 10.14
diff --git a/config/srclist.txt b/config/srclist.txt
index 16b61721a..83e251def 100644
--- a/config/srclist.txt
+++ b/config/srclist.txt
@@ -70,7 +70,7 @@ $LIBCSRC posix/regex.c lib
 $LIBCSRC posix/regex.h lib
 $LIBCSRC posix/regex_internal.c lib
 $LIBCSRC posix/regex_internal.h lib
-$LIBCSRC posix/regexec.c lib
+#$LIBCSRC posix/regexec.c lib
 #$LIBCSRC stdlib/canonicalize lib/canonicalize-lgpl.c
 #$LIBCSRC sysdeps/generic/eloop-threshold.h lib
 $LIBCSRC time/timegm.c lib
diff --git a/lib/regexec.c b/lib/regexec.c
index 83e9aaf8c..a955aa218 100644
--- a/lib/regexec.c
+++ b/lib/regexec.c
@@ -760,7 +760,7 @@ re_search_internal (const regex_t *preg, const char *string, Idx length,
 }
 /* If MATCH_FIRST is out of the buffer, leave it as '\0'.
 Note that MATCH_FIRST must not be smaller than 0. */
- ch = (match_first >= length
+ ch = (mctx.input.valid_len <= offset
 ? 0 : re_string_byte_at (&mctx.input, offset));
 if (fastmap[ch])
 break;
--
2.31.1
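Review bot: The comment kept above the changed expression in lib/regexec.c still describes MATCH_FIRST being out of the buffer, but the new guard compares `offset` with `mctx.input.valid_len`, so the text no longer explains the bound that stops the read overrun. I would reword it along the lines of `/* Use the buffer byte if OFFSET is within the valid part of the input buffer, otherwise '\0'.  */`. The declaration of `offset` lies outside the hunk (re_search_internal starts and ends beyond it), so it is worth confirming that it cannot be negative; the old "must not be smaller than 0" remark covered match_first, and a negative signed index would pass the `valid_len <= offset` test and still reach re_string_byte_at. The diffstat also shows no test change, so a regression case built from the report linked in the commit message, run under AddressSanitizer or valgrind, would keep this overrun from returning unnoticed.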